Online x86 / x64 Assembler and Disassembler

Simple Msil Decryptor by CodeCracker
Fri, 05 May 2017 15:48:26 +0000
https://www.techbliss.org/threads/simple-msil-decryptor-by-codecracker.52/
storm shadow
A tool for decrypting MSIL.
Works for:
- Cli_Secure
- .NET Reactor
- CodeVeil
- etc
Simple CodeVeil trick:
While decrypting CodeVeil, if you see the message "Thank you for evaluating CodeVeil.", simply roll back the date by a few years and run the tool again.
Framework 4.0 support:
Framework4.0.zip file contains Simple_MSIL_Decryptor.exe.config
In order to have Framework 4.0 support, all you have to do is place Simple_MSIL_Decryptor.exe.config in the...

Small tool to convert a PE from a virtual format into a raw format
(useful in recovering executables dumped from the memory).
Usage:
pe_unmapper.exe [input_file] [load base: in hex] [*output_file]
* - optional

dnSpy is a tool to reverse engineer .NET assemblies. It includes a decompiler, a debugger and an assembly editor (and more) and can be easily extended by writing your own extension. It uses dnlib to read and write assemblies so it can handle obfuscated assemblies (e.g. malware) without crashing. Binaries...

A malicious executable often attempts to hide its malicious behavior and to evade detection. In doing so, it generally presents anomalies and suspicious patterns. The goal of PEStudio is to detect these anomalies, provide Indicators and score the Trust for the executable being analyzed. Since the executable file being analyzed...

Supports both x86/x64
Simple APIs and batch hooks
Low memory footprint, will re-use trampoline pages as much as possible
RWX sensitive, will temporarily enable RWX and then revert to RX when writing trampolines
Uses a private heap
Uses an OS abstraction layer - easy to add support for other OSs
Currently supports only...

+++++++++++
Python News
+++++++++++
What's New in Python 2.7.12 release candidate 1?
================================================
*Release date: 2016-06-12*
Core and Builtins
-----------------
- Issue #20041: Fixed TypeError when frame.f_trace is set to None.
Patch by Xavier de Gaye.
- Issue #25702: A --with-lto configure option has been added that will
enable link time optimizations at build time during a make profile-opt.
Some compilers and toolchains are...

Python 2.7.11 Released

RogueKillerPE Explore any executable file internals by TigzyRK
Tue, 17 Nov 2015 10:46:21 +0000
https://www.techbliss.org/threads/roguekillerpe-explore-any-executable-file-internals-by-tigzyrk.797/
storm shadow
RogueKillerPE is a PE parsing tool, able to show internal structure of executable files. It’s able to open either the memory image (process module) or the disk image (filesystem) of the same executable. This software is currently in early alpha stage.

Autopsy 3.1.2 released.
Tue, 03 Nov 2015 17:59:00 +0000
https://www.techbliss.org/threads/autopsy-3-1-2-released.655/
storm shadow
The Sleuth Kit® and other digital forensics tools. It can be used by law enforcement, military, and corporate examiners to investigate what happened on a computer. You can even use it to recover photos from your camera's memory card....

WinObjEx64 is an advanced utility that lets you explore the Windows Object Manager namespace. For certain object types, you can double-click on it or use the "Properties..." toolbar button to get more information, such as description, attributes, resource usage etc. WinObjEx64 lets you view and edit object-related security information if you have the required access rights. ...

Known issues:
- Large hives (SOFTWARE 100+ Mb) can be slow to load the tree due to the amount of data in these hives (100s of thousands of keys and values). They will load though!
NEW: Added new tab in upper left, Available bookmarks, that...

The purpose of this app is persistent IAT hooking, made fast and easy. It provides substituting any function loaded from a DLL by your custom function (the only requirement is that the calling convention and number of parameters are the same!).

SPARTA is a python GUI application which simplifies network infrastructure penetration testing by aiding the penetration tester in the scanning and enumeration phase. It allows the tester to save time by having point-and-click access to his toolkit and by displaying all tool output in a convenient way. If little time is spent setting up commands and tools, more time can be spent focusing on analysing results.
Features

Bindead is an analyzer for executable machine code. It features a disassembler that translates machine code bits into an assembler like language (RREIL) that in turn is then analyzed by the static analysis component using abstract interpretation. As Bindead operates on the machine code level, it can be used without having the source code of the program to be analyzed. In fact, the purpose of Bindead is to help with...

Binary Viewer - what is it?
Binary Viewer is a free Windows utility allowing you to open and view any file located on your computer regardless of the format the file was saved in.
Binary Viewer displays file contents in binary, hexadecimal, octal, decimal and text formats (multiple encodings), therefore letting you peek into binary files, usually not viewable when using standard Windows viewers/editors like Notepad.
New version 4.14.6.10 was released Aug 01, 2014.
Here's what's new in this...